Module: Botan::BCrypt

Defined in:

lib/botan/bcrypt.rb

Overview

bcrypt password hashing

Examples

examples/bcrypt.rb

Class Method Summary

• .hash(password, work_factor: 10, rng: Botan::RNG.new) ⇒ String

  Generates a password hash using bcrypt.

• .valid?(password:, phash:) ⇒ Boolean

  Checks a password against a bcrypt hash.

Class Method Details

.hash(password, work_factor: 10, rng: Botan::RNG.new) ⇒ String

Generates a password hash using bcrypt.

Parameters:

• password (String) —

  the password to hash

• work_factor (Integer) (defaults to: 10) —

  the bcrypt work factor

• rng (Botan::RNG) (defaults to: Botan::RNG.new) —

  the RNG to use

Returns:

• (String) —

  the generated password hash

# File 'lib/botan/bcrypt.rb', line 24

def self.hash(password, work_factor: 10, rng: Botan::RNG.new)
  out_len = 64
  out_buf = FFI::MemoryPointer.new(:uint8, out_len)
  flags = 0
  out_len_ptr = FFI::MemoryPointer.new(:size_t)
  out_len_ptr.write(:size_t, out_len)
  Botan.call_ffi(:botan_bcrypt_generate,
                 out_buf, out_len_ptr,
                 password, rng.ptr, work_factor, flags)
  result = out_buf.read_bytes(out_len_ptr.read(:size_t))
  result = result[0...-1] if result[-1] == "\x00"
  result
end

.valid?(password:, phash:) ⇒ Boolean

Checks a password against a bcrypt hash.

Parameters:

• password (String) —

  the password to hash

• phash (String) —

  the bcrypt hash

Returns:

• (Boolean) —

  true if the provided password is correct

# File 'lib/botan/bcrypt.rb', line 43

def self.valid?(password:, phash:)
  rc = Botan.call_ffi_rc(:botan_bcrypt_is_valid, password, phash)
  rc.zero?
end